SONAR.BC.PUA!g18

SONAR.BC.PUA!g18

Behavior

SONAR.BC.PUA!g18 is a heuristic detection to detect potentially unwanted applications.

Antivirus Protection Dates

Initial Rapid Release version
October 06, 2016 revision 023

Latest Rapid Release version
October 06, 2016 revision 023

Initial Daily Certified version
October 08, 2016 revision 001

Latest Daily Certified version
October 08, 2016 revision 001

Initial Weekly Certified release date
October 12, 2016

Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

SONAR.BC.PUA!g18 is a heuristic detection to detect potentially unwanted applications.

SUBMITTING A SAMPLE TO SYMANTEC SECURITY RESPONSE
Please submit files that are detected as SONAR.BC.PUA!g18 to Symantec Security Response so that these new risks or variants can be identified and assigned specific names. To learn how to submit a file, read the document for the type of Symantec antivirus product that you are using:

REMOVING A FILE FROM QUARANTINE
It is possible to restore a file from quarantine to its previous location on your computer. This should only be done if you are certain that the file is not a risk. Symantec strongly recommends that you submit the file that was detected as SONAR.BC.PUA!g18 even if you choose to restore the file from quarantine.

FOR BUSINESS USERS
If you are a Symantec business product user, we recommend you try the following resources to remove this risk.

Identifying and submitting suspect files
Submitting suspicious files to Symantec allows us to ensure that our protection capabilities keep up with the ever-changing threat landscape. Submitted files are analyzed by Symantec Security Response and, where necessary, updated definitions are immediately distributed through LiveUpdate™ to all Symantec end points. This ensures that other computers nearby are protected from attack. The following resources may help in identifying suspicious files for submission to Symantec.

2. Restoring settings in the registry
Many risks make modifications to the registry, which could impact the functionality or performance of the compromised computer. While many of these modifications can be restored through various Windows components, it may be necessary to edit the registry. See in the Technical Details of this writeup for information about which registry keys were created or modified. Delete registry subkeys and entries created by the risk and return all modified registry entries to their previous values.